a2ps/patches/09_CVE-2001-1593.patch

	09_CVE-2001-1593.patch revision 6895
6895N/AFix CVE-2001-1593
6895N/A
6895N/ASee: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-1593
6895N/A     https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2001-1593
6895N/Afor more details.
6895N/A
6895N/AIndex: b/lib/routines.c
6895N/A===================================================================
6895N/A--- a/lib/routines.c
6895N/A+++ b/lib/routines.c
6895N/A@@ -242,3 +242,50 @@
6895N/A   /* Don't complain if you can't unlink.  Who cares of a tmp file? */
6895N/A   unlink (filename);
6895N/A }
6895N/A+
6895N/A+/*
6895N/A+ * Securely generate a temp file, and make sure it gets
6895N/A+ * deleted upon exit.
6895N/A+ */
6895N/A+static char ** tempfiles;
6895N/A+static unsigned    ntempfiles;
6895N/A+
6895N/A+static void
6895N/A+cleanup_tempfiles()
6895N/A+{
6895N/A+   while (ntempfiles--)
6895N/A+       unlink(tempfiles[ntempfiles]);
6895N/A+}
6895N/A+
6895N/A+char *
6895N/A+safe_tempnam(const char *pfx)
6895N/A+{
6895N/A+   char    *dirname, *filename;
6895N/A+   int fd;
6895N/A+
6895N/A+   if (!(dirname = getenv("TMPDIR")))
6895N/A+       dirname = "/tmp";
6895N/A+
6895N/A+   tempfiles = (char **) realloc(tempfiles,
6895N/A+           (ntempfiles+1) * sizeof(char *));
6895N/A+   if (tempfiles == NULL)
6895N/A+       return NULL;
6895N/A+
6895N/A+   filename = malloc(strlen(dirname) + strlen(pfx) + sizeof("/XXXXXX"));
6895N/A+   if (!filename)
6895N/A+       return NULL;
6895N/A+
6895N/A+   sprintf(filename, "%s/%sXXXXXX", dirname, pfx);
6895N/A+
6895N/A+   if ((fd = mkstemp(filename)) < 0) {
6895N/A+       free(filename);
6895N/A+       return NULL;
6895N/A+   }
6895N/A+   close(fd);
6895N/A+
6895N/A+   if (ntempfiles == 0)
6895N/A+       atexit(cleanup_tempfiles);
6895N/A+   tempfiles[ntempfiles++] = filename;
6895N/A+
6895N/A+   return filename;
6895N/A+}
6895N/AIndex: b/lib/routines.h
6895N/A===================================================================
6895N/A--- a/lib/routines.h
6895N/A+++ b/lib/routines.h
6895N/A@@ -255,7 +255,8 @@
6895N/A /* If _STR_ is not defined, give it a tempname in _TMPDIR_ */
6895N/A #define tempname_ensure(Str)               \
6895N/A do {                           \
6895N/A-  (Str) = (Str) ? (Str) : tempnam (NULL, "a2_");   \
6895N/A+  (Str) = (Str) ? (Str) : safe_tempnam("a2_"); \
6895N/A } while (0)
6895N/A+char * safe_tempnam(const char *);
6895N/A
6895N/A #endif